22from __future__ import annotations
33
44import atexit
5- import collections .abc
65import logging
76import os
87import pathlib
@@ -346,20 +345,24 @@ def _get_private_bytes_from_file(
346345 str ,
347346 # SNOW-1825621: OAUTH implementation
348347 ),
349- "oauth_security_features " : (
350- ( "pkce" ,) ,
351- collections . abc . Iterable , # of strings
348+ "oauth_enable_pkce " : (
349+ True ,
350+ bool ,
352351 # SNOW-1825621: OAUTH PKCE
353352 ),
354- "check_arrow_conversion_error_on_every_column " : (
355- True ,
353+ "oauth_enable_refresh_tokens " : (
354+ False ,
356355 bool ,
357- ), # SNOW-XXXXX: remove the check_arrow_conversion_error_on_every_column flag
358- # Client-side opt-in to single-use refresh tokens.
356+ ),
359357 "oauth_enable_single_use_refresh_tokens" : (
360358 False ,
361359 bool ,
360+ # Client-side opt-in to single-use refresh tokens.
362361 ),
362+ "check_arrow_conversion_error_on_every_column" : (
363+ True ,
364+ bool ,
365+ ), # SNOW-XXXXX: remove the check_arrow_conversion_error_on_every_column flag
363366}
364367
365368APPLICATION_RE = re .compile (r"[\w\d_]+" )
@@ -843,21 +846,6 @@ def unsafe_file_write(self) -> bool:
843846 def unsafe_file_write (self , value : bool ) -> None :
844847 self ._unsafe_file_write = value
845848
846- class _OAuthSecurityFeatures (NamedTuple ):
847- pkce_enabled : bool
848- refresh_token_enabled : bool
849-
850- @property
851- def oauth_security_features (self ) -> _OAuthSecurityFeatures :
852- features = self ._oauth_security_features
853- if isinstance (features , str ):
854- features = features .split (" " )
855- features = [feat .lower () for feat in features ]
856- return self ._OAuthSecurityFeatures (
857- pkce_enabled = "pkce" in features ,
858- refresh_token_enabled = "refresh_token" in features ,
859- )
860-
861849 @property
862850 def check_arrow_conversion_error_on_every_column (self ) -> bool :
863851 return self ._check_arrow_conversion_error_on_every_column
@@ -1217,7 +1205,6 @@ def __open_connection(self):
12171205 elif self ._authenticator == OAUTH_AUTHORIZATION_CODE :
12181206 self ._check_experimental_authentication_flag ()
12191207 self ._check_oauth_required_parameters ()
1220- features = self .oauth_security_features
12211208 if self ._role and (self ._oauth_scope == "" ):
12221209 # if role is known then let's inject it into scope
12231210 self ._oauth_scope = _OAUTH_DEFAULT_SCOPE .format (role = self ._role )
@@ -1233,20 +1220,19 @@ def __open_connection(self):
12331220 ),
12341221 redirect_uri = self ._oauth_redirect_uri ,
12351222 scope = self ._oauth_scope ,
1236- pkce_enabled = features . pkce_enabled ,
1223+ pkce_enabled = self . _oauth_enable_pkce ,
12371224 token_cache = (
12381225 auth .get_token_cache ()
12391226 if self ._client_store_temporary_credential
12401227 else None
12411228 ),
1242- refresh_token_enabled = features . refresh_token_enabled ,
1229+ refresh_token_enabled = self . _oauth_enable_refresh_tokens ,
12431230 external_browser_timeout = self ._external_browser_timeout ,
12441231 enable_single_use_refresh_tokens = self ._oauth_enable_single_use_refresh_tokens ,
12451232 )
12461233 elif self ._authenticator == OAUTH_CLIENT_CREDENTIALS :
12471234 self ._check_experimental_authentication_flag ()
12481235 self ._check_oauth_required_parameters ()
1249- features = self .oauth_security_features
12501236 if self ._role and (self ._oauth_scope == "" ):
12511237 # if role is known then let's inject it into scope
12521238 self ._oauth_scope = _OAUTH_DEFAULT_SCOPE .format (role = self ._role )
@@ -1263,7 +1249,7 @@ def __open_connection(self):
12631249 if self ._client_store_temporary_credential
12641250 else None
12651251 ),
1266- refresh_token_enabled = features . refresh_token_enabled ,
1252+ refresh_token_enabled = self . _oauth_enable_refresh_tokens ,
12671253 )
12681254 elif self ._authenticator == USR_PWD_MFA_AUTHENTICATOR :
12691255 self ._session_parameters [PARAMETER_CLIENT_REQUEST_MFA_TOKEN ] = (
0 commit comments